Giant Geek Blog

There are a few steps that I generally take to setup a new Tomcat server instance, this enables the following:

• The manager console
• HTTP compression
• UTF-8 encoding

Steps:

1. tomcat-users.xml – add to bottom:
   
<role rolename="manager-gui"/>
<user username="tomcat" password="s3cr3t" roles="manager-gui"/>


2. server.xml – add compression and URIEncoding, change port if desired:
   
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" compression="on" URIEncoding="UTF-8" />


3. server.xml – relocate webapps by adding ../ to appBase
   
<Host name="localhost" appBase="../webapps"
unpackWARs="true" autoDeploy="true">


4. Restart your server, on Ubuntu use:

   sudo service tomcat7 restart

Often you find a neeed to keep an old copy of Firefox around for testing or to use a specific plugin (Example: Selenium). In these cases it can often prove problematic to allow the browser to auto-update. Here are some simple steps to prevent this behavior.

Enter “about:config” into the Firefox URL bar, then change the following values. You can click on them to toggle.

app.update.auto = false
app.update.enabled = false


Alternately, on Windows you can edit the config file at: %APPDATA%\Mozilla\Firefox\Profiles\ .default\prefs.js

REFERENCES:

After updating the JDK on my development workstations, NetBeans started reporting the following at each start up.

Cannot locate java installation in specified jdkhome:
C:\Program Files\Java\jdk1.7.0_04
Do you want to try to use default version?
[ Yes | No ]

Thankfully, after a little searching, I found that the solution is very simple. You can change the value or comment it out with a # in:
C:\Program Files\NetBeans #.#.#\etc\netbeans.conf

netbeans_jdkhome="C:\Program Files\Java\jdk1.7.0_04”

REFERENCES:

I recently had to use a Windows computer with Cisco NAC installed, and found that there was a lot of disk activity for logging.

These files would grow to approximately 5MB before rotation.

C:\Documents and Settings\All Users\Application Data\Cisco\Cisco NAC Agent\logs\NACAgentLogCurrent.log
C:\Documents and Settings\All Users\Application Data\Cisco\Cisco NAC Agent\logs\NACAgentLogOld.log


To reduce this overhead (when no problems exist), the config file is exposed in XML.

1. Open C:\Program Files\Cisco\Cisco NAC Agent\NACAgentCFG.xml
2. Add/modify the LogFileSize attribute to 0 (zero) as shown below:
   
<?xml version="1.0" ?>
<cfg>
<DiscoveryHost></DiscoveryHost>
<LogFileSize>0</LogFileSize><!-- default 5 -->
</cfg>
3. Reboot
4. Remove the old .log files

NOTE: if you ever have networking issues and require support, you will need to restore the default value to ‘5′.

REFERENCES:

If you take a close look at your logs you may occasionally see requests for a file named wpad.dat. This file is related to automatic proxy configuration in many browsers.

To provide this capability to your users and website,

1. DNS:

   Default behavior is to traverse the domain in reverse, looking for one with a file named /wpad.dat

   Example (using my domain for example):
   wpad.www.giantgeek.com
   wpad.giantgeek.com
   wpad.com

2. Then in httpd.conf, set the MIME type:
   AddType application/x-ns-proxy-autoconfig .pac
3. Also in httpd.conf, add a redirect to the actual file you wish to use.
   Redirect permanent /wpad.dat http://www.giantgeek.com/proxy.pac
4. In the new file, add the following default contents, modify if you use a proxy:
   
/* 'proxy.pac' - This is the main function called by any browser
NOTE: there is NO proxy!
*/
function FindProxyForURL(url, host)
{
return “DIRECT”;
} // End function FindProxyForUrl


REFERENCES:

There may come a time when you want to change server behaviors for a specific path on your web server. Often times this becomes necessary if you host web sites that the customer wants to manage externally.

There are only a few small changes required:

1. In your httpd.conf file…
   # use .htaccess files for overriding,
AccessFileName .htaccess
# and never show any file starting with .ht
<files ~ "^\.ht">
Order allow,deny
Deny from all
</files>

2. The for the paths (or virtual hosts, you’ll need to add this line):
   AllowOverride All
3. Add the appropriate .htaccess files where needed.

DISCLAIMER: This technique CAN result in performance improvements, but should be put in your main server configuration file (httpd.conf), rather than in .htaccess files. .These files, by their very nature, cause performance degradation on your website, and so should be avoided whenever possible as they require an increase in file I/O (reads) on the server.

REFERENCES:

• http://www.askapache.com/2006/htaccess/speed-up-sites-with-htaccess-caching.html

After a clean install, or simply access to a new machine, I often find it helpful to enable colored prompts in the terminal/command line environment.
For standard Ubuntu / Debian / Linux environments, this only requires you to remove a comment from a single line in a config file.

In /home/%USERID%/.bashrc you will find the following text, the last line simply needs to have the hash removed:

# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
#force_color_prompt=yes

Open vi/vim or your editor of choice and remove it and you are done!

NOTE: If you are using Nautilus, you will not see this file as it is hidden, choose “View”, “Show Hidden Files” (CTRL-H) and it should appear.

Here’s another, albeit awkward configuration change for Mozilla Firefox for networking.

Enter about:config in the URL of the browser and manipulate the following,  I’ve shown the defaults in parethesis to aid in reverting them if you encounter problems.

network.http.pipelining=true (def:false)
network.http.proxy.pipelining (def:false – only required if you use proxies that support)
network.http.pipelining.maxrequests=8 (def:4, max is

References:

• http://en.wikipedia.org/wiki/HTTP_pipelining
• http://www.mozilla.org/projects/netlib/http/pipelining-faq.html
• http://www.mozilla.org/support/firefox/tips#oth_pipelining 

Cheers!

There comes a need for many organizations (or individuals) to establish proxy servers on their network. This is usually done for reasons of security or network topology. While the use of proxy servers simpifies some aspects of networking, it comes at the cost of maintaining the browser configuration of every network device (usually browsers). Netscape provided a mechanism to automate much of this problem by allowing the browser to retrieve the proxy configuration from a centrally managed server.

The proxy autoconfig file is written in JavaScript, it should be a separate file that has the proper filename extension and MIME type when provided from a webserver.

The file must define the function:

function FindProxyForURL(url, host)
{
...
}

1. FILENAME EXTENSION:
.pac

2. MIME TYPE:
application/x-ns-proxy-autoconfig

3. REFERENCES:

• http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html
• http://en.wikipedia.org/wiki/Proxy_auto-config
• http://www.mozilla.org/docs/netlib/pac.html
• http://www.schooner.com/~loverso/no-ads/

4. ApacheHTTP config.

Add the following to the httpd.conf file:

Redirect permanent /wpad.dat {yourdomain}/proxy.pac
AddType application/x-ns-proxy-autoconfig .pac

5. EXAMPLE:

/* 'proxy.pac' - This is the main function called by any browser */
function FindProxyForURL(url, host)
{

if (isPlainHostName(host) || // No Proxy for Non FQDN names
shExpMatch(host, “*.localnet”) || // No Proxy for internal network
shExpMatch(host, “127.0.0.1″) || // No Proxy for LocalHost
shExpMatch(host, “localhost”) || // No Proxy for LocalHost
shExpMatch(host, “mailhost”) || // No Proxy for MailHost
dnsDomainIs(host, “giantgeek.com”) || // No Proxy
return “DIRECT”;

else {
return “PROXY proxy.giantgeek.com:8080; PROXY proxy.giantgeek.com:8090; PROXY proxy2.giantgeek.com:8080″;

} //End else

} // End function FindProxyForUrl

NOTE: Also see my ‘WPAD’ blog entry.

Standards documentation is available from W3C at:

• http://www.w3.org/P3P/
• http://www.w3.org/TR/P3P/

NOTES:

xxx” indicates a field that must match between these files.
HTML:


<html>
<head>
<link type="text/xml" rel="P3Pv1" href="/w3c/p3p.xml" />
</head>
<body>
...
</body>
</html>


HTTP Header:

p3p: policyref="/w3c/p3p.xml", CP="TST"

/w3c/p3p.xml:


<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<META xmlns="http://www.w3.org/2002/01/P3Pv1">
<POLICY-REFERENCES>
<POLICY-REF about="/w3c/privacy.xml#xxx">
<INCLUDE>/*</INCLUDE>
<COOKIE-INCLUDE name="*" value="*" domain="*" path="*" />
</POLICY-REF>
</POLICY-REFERENCES>
</META>


/w3c/prixacy.xml


<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<POLICIES xmlns="http://www.w3.org/2002/01/P3Pv1">
<POLICY name="xxx" discuri="/index.html" xml:lang="en">
<ENTITY>
<DATA-GROUP>
<DATA ref="#business.name"></DATA>
<DATA ref="#business.department"></DATA>
<DATA ref="#business.contact-info.postal.name.given"></DATA>
<DATA ref="#business.contact-info.postal.street"></DATA>
<DATA ref="#business.contact-info.postal.city"></DATA>
<DATA ref="#business.contact-info.postal.stateprov"></DATA>
<DATA ref="#business.contact-info.postal.postalcode"></DATA>
<DATA ref="#business.contact-info.postal.country"></DATA>
<DATA ref="#business.contact-info.online.email"></DATA>
<DATA ref="#business.contact-info.telecom.telephone.intcode"></DATA>
<DATA ref="#business.contact-info.telecom.telephone.loccode"></DATA>
<DATA ref="#business.contact-info.telecom.telephone.number"></DATA>
<DATA ref="#business.contact-info.online.uri"></DATA>
</DATA-GROUP>
</ENTITY>
<ACCESS><nonident/></ACCESS>
<DISPUTES-GROUP>
<DISPUTES resolution-type="service" service="/index.html" short-description="Customer Service">
<LONG-DESCRIPTION></LONG-DESCRIPTION>
<REMEDIES><correct/></REMEDIES>
</DISPUTES>
</DISPUTES-GROUP>
<STATEMENT>
<CONSEQUENCE>We record some information in order to serve your request and to secure and improve our Web site.</CONSEQUENCE>
<PURPOSE><current/><develop/><admin/></PURPOSE>
<RECIPIENT><ours/></RECIPIENT>
<RETENTION><stated-purpose/></RETENTION>
<DATA-GROUP>
<DATA ref="#dynamic.clickstream"/>
<DATA ref="#dynamic.http"/>
</DATA-GROUP>
</STATEMENT>
</POLICY>
</POLICIES>


REFERENCES: